PT-2025-21175 · Bullfrog · Bullfrog

Vin01 · Published 2025-05-14 · Updated 2025-07-11 · CVE-2025-47775

CVSS v3.1: 8.6 (High)
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions: Bullfrog versions prior to 0.8.4
Description: Bullfrog is a GitHub Action that blocks unauthorized outbound traffic from GitHub workflow jobs. Prior to version 0.8.4, DNS traffic sent over TCP is not subject to the blocking, so a step running inside a "blocked" workflow can still exfiltrate data through DNS queries. The result is a bypass of the sandbox the action is meant to enforce (confidentiality impact only, consistent with the CVSS vector above).
Recommendations: Update to version 0.8.4 or later. As a temporary workaround until the update is applied, avoid the use of TCP DNS in workflows that rely on Bullfrog for egress control.
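The practical first step after reading this advisory is to find every workflow that still pins an affected Bullfrog release. The following scanner is an added example, not code from the advisory or from the Bullfrog project. It assumes the action is referenced as `bullfrogsec/bullfrog` in `uses:` lines (change `ACTION_NAME` if your workflows use a fork or mirror), and the workflow it scans by default is a constructed sample embedded in the script.

```python
"""Scan GitHub workflow files for Bullfrog pins affected by CVE-2025-47775.

Added example, not code from the advisory or from the Bullfrog project.
Assumption: the action is referenced as bullfrogsec/bullfrog in `uses:` lines.
"""
import re
import sys
from pathlib import Path
from typing import Optional

# Version that fixes CVE-2025-47775, taken from the advisory.
FIXED_VERSION = (0, 8, 4)

# Assumed action slug; change it if your workflows use a fork or mirror.
ACTION_NAME = "bullfrogsec/bullfrog"

# Matches `- uses: owner/repo[/path]@ref`, optionally quoted, with an
# optional trailing `# vX.Y.Z` comment of the kind people add beside SHA pins.
USES_RE = re.compile(
    r"^\s*-?\s*uses:\s*['\"]?"
    r"(?P<repo>[\w.-]+/[\w.-]+)(?:/[^@\s'\"]*)?@(?P<ref>[^\s'\"#]+)['\"]?"
    r"(?:\s*#\s*v?(?P<hint>\d+\.\d+\.\d+))?",
    re.MULTILINE,
)
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")


def parse_version(ref: str):
    """Return (major, minor, patch) for refs like v0.8.4, else None."""
    m = VERSION_RE.match(ref)
    return tuple(int(x) for x in m.groups()) if m else None


def classify(ref: str, hint: Optional[str]):
    """Decide vulnerable/fixed/unknown for one pin.

    A branch name, a major-only tag (v0) or a commit SHA cannot be judged
    offline; a `# vX.Y.Z` comment beside such a ref is used as a hint and
    the result is marked as coming from that comment, not from the ref.
    """
    version, source = parse_version(ref), "ref"
    if version is None and hint:
        version, source = parse_version(hint), "comment"
    if version is None:
        return "unknown", source
    return ("vulnerable" if version < FIXED_VERSION else "fixed"), source


def find_bullfrog_pins(workflow_text: str, action: str = ACTION_NAME):
    """List every pin of `action` in a workflow together with its status."""
    findings = []
    for m in USES_RE.finditer(workflow_text):
        if m.group("repo").lower() != action.lower():
            continue
        status, source = classify(m.group("ref"), m.group("hint"))
        findings.append({"ref": m.group("ref"), "status": status, "source": source})
    return findings


# Constructed sample workflow for offline use; not taken from any real repository.
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: bullfrogsec/bullfrog@v0.8.2
      - uses: actions/checkout@v4
      - uses: bullfrogsec/bullfrog@v0.8.4
      - uses: bullfrogsec/bullfrog@0123456789abcdef0123456789abcdef01234567 # v0.8.3
      - uses: bullfrogsec/bullfrog@main
"""


def main(argv):
    # With file arguments, scan those; otherwise scan the embedded sample.
    sources = [(p, Path(p).read_text()) for p in argv] or [("<sample>", SAMPLE_WORKFLOW)]
    for name, text in sources:
        for f in find_bullfrog_pins(text):
            print(f"{name}: {ACTION_NAME}@{f['ref']}: {f['status']} (via {f['source']})")


if __name__ == "__main__":
    main(sys.argv[1:])
```

Run it as `python scan.py .github/workflows/*.yml`. Anything reported as `unknown` (a branch, a floating major tag such as `v0`, or a SHA without a version comment) needs to be resolved against the repository before it can be signed off; a comment beside a SHA is only a hint, since nothing stops the comment and the SHA from disagreeing.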

Related Identifiers

BDU:2025-15958
CVE-2025-47775
GHSA-m32f-fjw2-37v3

Affected Products

Bullfrog